URL:

https://jp.appconner.com/app-google-chrome-%E9%AB%98%E9%80%9F%E3%81%A7%E5%AE%89%E5%85%A8?utm_source=bing&utm_medium=cpc&utm_campaign=afcapp_jp_rita_%E4%BD%8E%E4%BB%B7%E9%AB%98%E6%B5%81%E9%87%8F_0.05_1&utm_term=google%20chrome&utm_content=j0261_Google%20Chrome%3A%20%E9%AB%98%E9%80%9F%E3%81%A7%E5%AE%89%E5%85%A8

Full analysis: https://app.any.run/tasks/0f765eca-d7f6-4a22-a920-cc197fcf315d
Verdict: Malicious activity
Analysis date: February 15, 2024, 05:37:01
OS: Windows 11 Professional (build: 22000, 64 bit)
Indicators:
MD5:

EED6AF6585273502D8F9F682D8E41E20

SHA1:

32F6E5103D2576C43AD91DA2E0B80536635803D9

SHA256:

BAEC86665BC3AFDF9A396EFC059CE1139335BE52330691DFCC6A0B0C52397BE8

SSDEEP:

6:2cbGcncxWZBzF26WLW5Hhcm0E7Rlh4aCn/DW6vdIUCLBcncxWZBzFr:20Xs9WWm0EOrLW6KUWBkXl

ANY.RUN is an interactive service which provides full access to the guest system. Information in this report could be distorted by user actions and is provided for user acknowledgement as it is. ANY.RUN does not guarantee maliciousness or safety of the content.
  • MALICIOUS

    • Creates a writable file in the system directory

      • WinZip Smart Monitor Service.exe (PID: 4464)
  • SUSPICIOUS

    • Reads settings of System Certificates

      • Settings.exe (PID: 1620)
      • WinZipSmartMonitor.exe (PID: 2400)
      • WinZip Smart Monitor Service.exe (PID: 1424)
      • Settings.exe (PID: 1924)
      • Settings.exe (PID: 4064)
      • WinZip System Utilities Suite.exe (PID: 2076)
      • Settings.exe (PID: 3920)
      • Settings.exe (PID: 4204)
      • Settings.exe (PID: 1732)
      • WinZipSmartMonitor.exe (PID: 5816)
    • Checks Windows Trust Settings

      • Settings.exe (PID: 1620)
      • WinZipSmartMonitor.exe (PID: 2400)
      • WinZip Smart Monitor Service.exe (PID: 4464)
      • WinZip Smart Monitor Service.exe (PID: 1424)
      • Settings.exe (PID: 1924)
      • Settings.exe (PID: 4064)
      • WinZip System Utilities Suite.exe (PID: 2076)
      • Settings.exe (PID: 3920)
      • Settings.exe (PID: 4204)
      • Settings.exe (PID: 1732)
      • WinZipSmartMonitor.exe (PID: 5816)
    • Reads security settings of Internet Explorer

      • Settings.exe (PID: 1620)
      • WinZipSmartMonitor.exe (PID: 2400)
      • WinZip Smart Monitor Service.exe (PID: 1424)
      • Settings.exe (PID: 1924)
      • Settings.exe (PID: 4064)
      • Settings.exe (PID: 3920)
      • WinZip System Utilities Suite.exe (PID: 2076)
      • Settings.exe (PID: 4204)
      • Settings.exe (PID: 1732)
      • WinZipSmartMonitor.exe (PID: 5816)
      • WinZip Smart Monitor Service.exe (PID: 4464)
    • Reads the Internet Settings

      • Settings.exe (PID: 1620)
      • WinZipSmartMonitor.exe (PID: 5816)
    • Executes as Windows Service

      • WinZip Smart Monitor Service.exe (PID: 4464)
    • Searches for installed software

      • Settings.exe (PID: 1924)
      • Settings.exe (PID: 4064)
      • Settings.exe (PID: 3920)
      • Settings.exe (PID: 1732)
      • WinZipSmartMonitor.exe (PID: 5816)
      • Settings.exe (PID: 4204)
      • WinZip Smart Monitor Service.exe (PID: 4464)
  • INFO

    • Reads security settings of Internet Explorer

      • explorer.exe (PID: 4208)
    • Application launched itself

      • msedge.exe (PID: 1880)
      • msedge.exe (PID: 1040)
    • Reads settings of System Certificates

      • explorer.exe (PID: 4208)
    • Checks proxy server information

      • explorer.exe (PID: 4208)
      • Settings.exe (PID: 1620)
      • WinZip Smart Monitor Service.exe (PID: 4464)
      • WinZipSmartMonitor.exe (PID: 5816)
    • Checks supported languages

      • Settings.exe (PID: 1620)
      • WinZip Smart Monitor Service.exe (PID: 1424)
      • WinZipSmartMonitor.exe (PID: 2400)
      • WinZip Smart Monitor Service.exe (PID: 4464)
      • Settings.exe (PID: 1924)
      • Settings.exe (PID: 4064)
      • Settings.exe (PID: 3920)
      • WinZip System Utilities Suite.exe (PID: 2076)
      • Settings.exe (PID: 1732)
      • Settings.exe (PID: 4204)
      • WinZipSmartMonitor.exe (PID: 5816)
    • Reads the Internet Settings

      • explorer.exe (PID: 4208)
    • Reads the computer name

      • Settings.exe (PID: 1620)
      • WinZip Smart Monitor Service.exe (PID: 1424)
      • WinZipSmartMonitor.exe (PID: 2400)
      • Settings.exe (PID: 1924)
      • Settings.exe (PID: 4064)
      • WinZip Smart Monitor Service.exe (PID: 4464)
      • WinZip System Utilities Suite.exe (PID: 2076)
      • Settings.exe (PID: 3920)
      • Settings.exe (PID: 1732)
      • Settings.exe (PID: 4204)
      • WinZipSmartMonitor.exe (PID: 5816)
    • Reads the software policy settings

      • Settings.exe (PID: 1620)
      • WinZip Smart Monitor Service.exe (PID: 1424)
      • WinZipSmartMonitor.exe (PID: 2400)
      • Settings.exe (PID: 1924)
      • Settings.exe (PID: 4064)
      • WinZip Smart Monitor Service.exe (PID: 4464)
      • WinZip System Utilities Suite.exe (PID: 2076)
      • Settings.exe (PID: 3920)
      • Settings.exe (PID: 4204)
      • Settings.exe (PID: 1732)
      • WinZipSmartMonitor.exe (PID: 5816)
    • Creates files or folders in the user directory

      • Settings.exe (PID: 1620)
      • explorer.exe (PID: 4208)
    • Reads the machine GUID from the registry

      • WinZip Smart Monitor Service.exe (PID: 1424)
      • Settings.exe (PID: 1620)
      • WinZipSmartMonitor.exe (PID: 2400)
      • WinZip Smart Monitor Service.exe (PID: 4464)
      • Settings.exe (PID: 1924)
      • Settings.exe (PID: 4064)
      • Settings.exe (PID: 3920)
      • WinZip System Utilities Suite.exe (PID: 2076)
      • Settings.exe (PID: 1732)
      • Settings.exe (PID: 4204)
      • WinZipSmartMonitor.exe (PID: 5816)
    • Creates files in the program directory

      • WinZipSmartMonitor.exe (PID: 2400)
      • Settings.exe (PID: 1924)
      • WinZip Smart Monitor Service.exe (PID: 4464)
Find more information about signature artifacts and mapping to MITRE ATT&CK™ MATRIX at the full report
No Malware configuration.
No data.
All screenshots are available in the full report
Total processes
177
Monitored processes
19
Malicious processes
8
Suspicious processes
3

Behavior graph

Processes in the behavior graph (in graph order; "no specs" means no indicators were attached to that node):
  • start
  • msedge.exe (no specs)
  • msedge.exe (no specs)
  • explorer.exe
  • settings.exe
  • winzip smart monitor service.exe (no specs)
  • winzipsmartmonitor.exe (no specs)
  • sc.exe (no specs)
  • conhost.exe (no specs)
  • winzip smart monitor service.exe
  • settings.exe (no specs)
  • settings.exe (no specs)
  • unsecapp.exe (no specs)
  • winzip system utilities suite.exe (no specs)
  • settings.exe (no specs)
  • msedge.exe (no specs)
  • msedge.exe (no specs)
  • settings.exe (no specs)
  • settings.exe (no specs)
  • winzipsmartmonitor.exe

Process information

PID
CMD
Path
Indicators
Parent process
PID:
1040
CMD:
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://goto.winzip.com/action/?product=SUS&LinkType=Install&Language=en&BuildID=53&OSource=wzss53&t=&UID=e4cd72ba-84ce5e5e-16b86745-7f374a7d&version=4.0.1.4&license=&r=0&dsi=0
Path:
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
Parent process:
WinZip System Utilities Suite.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
HIGH
Description:
Microsoft Edge
Exit code:
0
Version:
111.0.1661.62
Modules
Images
c:\program files (x86)\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\program files (x86)\microsoft\edge\application\111.0.1661.62\msedge_elf.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
PID:
1068
CMD:
\??\C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Path:
C:\Windows\System32\conhost.exe
Parent process:
sc.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
HIGH
Description:
Console Window Host
Exit code:
0
Version:
10.0.22000.1 (WinBuild.160101.0800)
Modules
Images
c:\windows\system32\conhost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\msvcp_win.dll
c:\windows\system32\ucrtbase.dll
c:\windows\system32\shcore.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
PID:
1424
CMD:
"C:\Program Files\WinZip Smart Monitor\WinZip Smart Monitor Service.exe" /Service
Path:
C:\Program Files\WinZip Smart Monitor\WinZip Smart Monitor Service.exe
Parent process:
WinZipSmartMonitorSetup.exe
User:
admin
Company:
Corel Corporation
Integrity Level:
HIGH
Description:
WinZip Smart Monitor Service
Exit code:
0
Version:
2,12,3,2
Modules
Images
c:\program files\winzip smart monitor\winzip smart monitor service.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\user32.dll
c:\windows\system32\win32u.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\gdi32full.dll
c:\windows\system32\msvcp_win.dll
PID:
1620
CMD:
"C:\Program Files\WinZip Smart Monitor\Settings.exe" /RegServer
Path:
C:\Program Files\WinZip Smart Monitor\Settings.exe
Parent process:
WinZipSmartMonitorSetup.exe
User:
admin
Company:
Corel Corporation
Integrity Level:
HIGH
Description:
Settings
Exit code:
0
Version:
2,12,3,2
Modules
Images
c:\program files\winzip smart monitor\settings.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\user32.dll
c:\windows\system32\win32u.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\gdi32full.dll
c:\windows\system32\msvcp_win.dll
PID:
1732
CMD:
"C:\Program Files\WinZip Smart Monitor\Settings.exe" -Embedding
Path:
C:\Program Files\WinZip Smart Monitor\Settings.exe
Parent process:
svchost.exe
User:
admin
Company:
Corel Corporation
Integrity Level:
HIGH
Description:
Settings
Exit code:
0
Version:
2,12,3,2
Modules
Images
c:\program files\winzip smart monitor\settings.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\user32.dll
c:\windows\system32\win32u.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\gdi32full.dll
c:\windows\system32\msvcp_win.dll
PID:
1880
CMD:
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" "https://jp.appconner.com/app-google-chrome-%E9%AB%98%E9%80%9F%E3%81%A7%E5%AE%89%E5%85%A8?utm_source=bing&utm_medium=cpc&utm_campaign=afcapp_jp_rita_%E4%BD%8E%E4%BB%B7%E9%AB%98%E6%B5%81%E9%87%8F_0.05_1&utm_term=google%20chrome&utm_content=j0261_Google%20Chrome%3A%20%E9%AB%98%E9%80%9F%E3%81%A7%E5%AE%89%E5%85%A8"
Path:
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
Parent process:
explorer.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Microsoft Edge
Exit code:
0
Version:
111.0.1661.62
Modules
Images
c:\program files (x86)\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files (x86)\microsoft\edge\application\111.0.1661.62\msedge_elf.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\cryptbase.dll
PID:
1924
CMD:
"C:\Program Files\WinZip Smart Monitor\Settings.exe" -Embedding
Path:
C:\Program Files\WinZip Smart Monitor\Settings.exe
Parent process:
svchost.exe
User:
admin
Company:
Corel Corporation
Integrity Level:
HIGH
Description:
Settings
Exit code:
0
Version:
2,12,3,2
Modules
Images
c:\program files\winzip smart monitor\settings.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\user32.dll
c:\windows\system32\win32u.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\gdi32full.dll
c:\windows\system32\msvcp_win.dll
PID:
2076
CMD:
"C:\Program Files\WinZip System Utilities Suite\WinZip System Utilities Suite.exe" -splash 6140
Path:
C:\Program Files\WinZip System Utilities Suite\WinZip System Utilities Suite.exe
Parent process:
WinZip System Utilities Suite.exe
User:
admin
Company:
Corel Corporation
Integrity Level:
HIGH
Description:
WinZip System Utilities Suite
Exit code:
62097
Version:
4,0,1,4
Modules
Images
c:\program files\winzip system utilities suite\winzip system utilities suite.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\user32.dll
c:\windows\system32\win32u.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\gdi32full.dll
c:\windows\system32\msvcp_win.dll
PID:
2400
CMD:
"C:\Program Files\WinZip Smart Monitor\WinZipSmartMonitor.exe" -install
Path:
C:\Program Files\WinZip Smart Monitor\WinZipSmartMonitor.exe
Parent process:
WinZipSmartMonitorSetup.exe
User:
admin
Company:
Corel Corporation
Integrity Level:
HIGH
Description:
WinZip Smart Monitor
Exit code:
0
Version:
2,12,3,2
Modules
Images
c:\program files\winzip smart monitor\winzipsmartmonitor.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\user32.dll
c:\windows\system32\win32u.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\gdi32full.dll
c:\windows\system32\msvcp_win.dll
PID:
3756
CMD:
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=111.0.5563.149 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=111.0.1661.62 --initial-client-data=0x114,0x118,0x11c,0xf0,0x128,0x7ff87ecab5f8,0x7ff87ecab608,0x7ff87ecab618
Path:
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
Parent process:
msedge.exe
User:
admin
Company:
Microsoft Corporation
Integrity Level:
MEDIUM
Description:
Microsoft Edge
Exit code:
0
Version:
111.0.1661.62
Modules
Images
c:\program files (x86)\microsoft\edge\application\msedge.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\kernelbase.dll
c:\program files (x86)\microsoft\edge\application\111.0.1661.62\msedge_elf.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\sechost.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\cryptbase.dll
Total events
42 450
Read events
42 337
Write events
108
Delete events
5

Modification events

(PID) Process:
(4208) explorer.exe
Key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:0000000000060266
Operation:
write
Name:
VirtualDesktop
Value:
1000000030304456FCABD65A4389144799D3EAE4E24A89DB
(PID) Process:
(1880) msedge.exe
Key:
HKEY_CURRENT_USER\Software\Microsoft\Edge\BLBeacon
Operation:
write
Name:
failed_count
Value:
0
(PID) Process:
(1880) msedge.exe
Key:
HKEY_CURRENT_USER\Software\Microsoft\Edge\BLBeacon
Operation:
write
Name:
state
Value:
2
(PID) Process:
(1880) msedge.exe
Key:
HKEY_CURRENT_USER\Software\Microsoft\Edge\ThirdParty
Operation:
write
Name:
StatusCodes
Value:
(PID) Process:
(1880) msedge.exe
Key:
HKEY_CURRENT_USER\Software\Microsoft\Edge\ThirdParty
Operation:
write
Name:
StatusCodes
Value:
01000000
(PID) Process:
(1880) msedge.exe
Key:
HKEY_CURRENT_USER\Software\Microsoft\Edge\BLBeacon
Operation:
write
Name:
state
Value:
1
(PID) Process:
(4208) explorer.exe
Key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\SessionInfo\1\ApplicationViewManagement\W32:0000000000090282
Operation:
write
Name:
VirtualDesktop
Value:
1000000030304456FCABD65A4389144799D3EAE4E24A89DB
(PID) Process:
(4208) explorer.exe
Key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Operation:
write
Name:
ZFRqtr
Value:
000000000F000000240000000DE11100000080BF000080BF000080BF000080BF000080BF000080BF000080BF000080BF000080BF000080BFFFFFFFFF00F356ADB82DDA0100000000
(PID) Process:
(4208) explorer.exe
Key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Operation:
write
Name:
HRZR_PGYFRFFVBA
Value:
(PID) Process:
(4208) explorer.exe
Key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}\Count
Operation:
write
Name:
ZFRqtr
Value:
000000000F0000002400000066A11400000080BF000080BF000080BF000080BF000080BF000080BF000080BF000080BF000080BF000080BFFFFFFFFF00F356ADB82DDA0100000000
Executable files
0
Suspicious files
12
Text files
2
Unknown types
5

Dropped files

PID
Process
Filename
Type
PID:
4464
Process:
WinZip Smart Monitor Service.exe
Filename:
C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\75CA58072B9926F763A91F0CC2798706_056B48C93C4964C2E64C0A8958238656
Type:
binary
MD5:D1816815B3E00AC8F70A20D9F73D3203
SHA256:6908D18A32EC2F702157C0C33C11E0C714BD08B94A7A2DF73ACF3F64EC5F9682
PID:
1924
Process:
Settings.exe
Filename:
C:\ProgramData\WinZip\WinZip Smart Monitor\S-1-5-21-166304369-59083888-3082702900-1001\smsettings
Type:
text
MD5:3DA8043732F566E2FA749F6267ABCC93
SHA256:79B18978637868AA31F346C5C628FA95E21A3442A1896AA627C5E4FD21533D04
PID:
4464
Process:
WinZip Smart Monitor Service.exe
Filename:
C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\42B9A473B4DAF01285A36B4D3C7B1662_178C086B699FD6C56B804AF3EF759CB5
Type:
binary
MD5:E11E87C659C5C7485841D3C58A211771
SHA256:F92AAE0BA568F0025CB768F656FA0E679B24292AF61AE3371FC33C85E1DEE234
PID:
1620
Process:
Settings.exe
Filename:
C:\Users\admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\42B9A473B4DAF01285A36B4D3C7B1662_178C086B699FD6C56B804AF3EF759CB5
Type:
binary
MD5:9C40DE70F868B91EEF1C3AE1BF6B264C
SHA256:E1439140A2A14A3B576F5CFCD459F67570DFE136C2760FB17A61541A72E40EE3
PID:
4464
Process:
WinZip Smart Monitor Service.exe
Filename:
C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\66AE3BFDF94A732B262342AD2154B86E_A136AB54DEB3A883BF1C643440FFF3F3
Type:
der
MD5:6966BCBC30DE6C1C2C2E91CACFB20D34
SHA256:5EDDABB75645D1EBD758AC3B22A4A0C774766811FC26FB3C57C3EFD7AA0AC917
PID:
2400
Process:
WinZipSmartMonitor.exe
Filename:
C:\ProgramData\WinZip\WinZip Smart Monitor\S-1-5-21-166304369-59083888-3082702900-1001\settings.data
Type:
text
MD5:3C7D15C2EC50A1F8A9752DA51573C85A
SHA256:8938747C4DEA9554143D6257443C4988BF3248F87DC8823B259CDD43178BC32F
PID:
4464
Process:
WinZip Smart Monitor Service.exe
Filename:
C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F53EB4E574DE32C870452087D92DBEBB_B6A369BFA8AD714F9A5D7535434B0352
Type:
binary
MD5:E8139E94CC1E89EB2410FC7EF274D07B
SHA256:2D9FF7738D337C1F3E98190A9B93D25EB3CDBDFA79D29A75B7973B259D49A548
PID:
1880
Process:
msedge.exe
Filename:
C:\Users\admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
Type:
binary
MD5:3BA81BFAB5865A66309AA97D51DA831F
SHA256:E82365C7BE287704992CF9322966552D83DF37CBB9C5520108D9651270AC226D
PID:
4464
Process:
WinZip Smart Monitor Service.exe
Filename:
C:\Windows\system32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\42B9A473B4DAF01285A36B4D3C7B1662_178C086B699FD6C56B804AF3EF759CB5
Type:
binary
MD5:6C0690491BB583D780A641CA3ABBE226
SHA256:DCFF0D2DAF054EDB73AC8E322CA2414D139C822A5240406E51B551985631410E
PID:
4464
Process:
WinZip Smart Monitor Service.exe
Filename:
C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\8142af7541f11a38b28ad871cc427f2c_c058e375-e15a-4784-84e6-145044762c88
Type:
dbf
MD5:7E0397F5E1A30446B70501CB13E4AD52
SHA256:BDA295D00866A341E887664907574D60D9AC2FC0BBBA0CE79D6876E5554150DE
Download PCAP, analyze network streams, HTTP content and a lot more at the full report
HTTP(S) requests
28
TCP/UDP connections
178
DNS requests
166
Threats
3

HTTP requests

PID
Process
Method
HTTP Code
IP
URL
CN
Type
Size
Reputation
1412
svchost.exe
GET
200
2.16.164.42:80
http://www.msftconnecttest.com/connecttest.txt
unknown
text
22 b
unknown
3752
svchost.exe
GET
200
192.229.221.95:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSAUQYBMq2awn1Rh6Doh%2FsBYgFV7gQUA95QNVbRTLtm8KPiGxvDl7I90VUCEAJ0LqoXyo4hxxe7H%2Fz9DKA%3D
unknown
binary
471 b
unknown
5180
msedge.exe
GET
200
173.222.108.226:80
http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab?85a7b531b6b6be21
unknown
compressed
65.2 Kb
unknown
5180
msedge.exe
GET
200
173.222.108.226:80
http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab?f50ae33ad2b5d091
unknown
compressed
65.2 Kb
unknown
2340
smartscreen.exe
GET
200
192.229.221.95:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBTfIs%2BLjDtGwQ09XEB1Yeq%2BtX%2BBgQQU7NfjgtJxXWRM3y5nP%2Be6mK4cD08CEAitQLJg0pxMn17Nqb2Trtk%3D
unknown
binary
727 b
unknown
2340
smartscreen.exe
GET
200
192.229.221.95:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBSRXerF0eFeSWRripTgTkcJWMm7iQQUaDfg67Y7%2BF8Rhvv%2BYXsIiGX0TkICEAPTNcvmQOXH%2Fsp3YDkB5VY%3D
unknown
binary
727 b
unknown
2340
smartscreen.exe
GET
200
192.229.221.95:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBQ50otx%2Fh0Ztl%2Bz8SiPI7wEWVxDlQQUTiJUIBiV5uNu5g%2F6%2BrkS7QYXjzkCEApDqVCbATUviZV57HIIulA%3D
unknown
binary
471 b
unknown
1892
WinZip System Utilities Suite.exe
GET
200
192.229.221.95:80
http://ocsp.digicert.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBT3xL4LQLXDRDM9P665TW442vrsUQQUReuir%2FSSy4IxLVGLp6chnfNtyA8CEA6bGI750C3n79tQ4ghAGFo%3D
unknown
binary
471 b
unknown
6016
WinZip System Utilities Suite.exe
GET
200
142.250.185.131:80
http://ocsp.pki.goog/gsr1/MFEwTzBNMEswSTAJBgUrDgMCGgUABBS3V7W2nAf4FiMTjpDJKg6%2BMgGqMQQUYHtmGkUNl8qJUC99BM00qP%2F8%2FUsCEHe9DWzbNvka6iEPxPBY0w0%3D
unknown
binary
1.41 Kb
unknown
6016
WinZip System Utilities Suite.exe
GET
200
142.250.185.131:80
http://ocsp.pki.goog/gtsr1/ME4wTDBKMEgwRjAJBgUrDgMCGgUABBQwkcLWD4LqGJ7bE7B1XZsEbmfwUAQU5K8rJnEaK0gnhS9SZizv8IkTcT4CDQIDvFNZazTHGPUBUGY%3D
unknown
binary
724 b
unknown

Connections

PID
Process
IP
Domain
ASN
CN
Reputation
4588
svchost.exe
239.255.255.250:1900
unknown
5180
msedge.exe
224.0.0.251:5353
unknown
2664
msedge.exe
94.245.104.56:443
api.edgeoffer.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
IE
unknown
2664
msedge.exe
13.107.42.16:443
config.edge.skype.com
MICROSOFT-CORP-MSN-AS-BLOCK
US
whitelisted
2664
msedge.exe
172.66.40.125:443
jp.appconner.com
CLOUDFLARENET
US
unknown
2664
msedge.exe
204.79.197.239:443
edge.microsoft.com
MICROSOFT-CORP-MSN-AS-BLOCK
US
unknown
4208
explorer.exe
93.184.221.240:80
ctldl.windowsupdate.com
EDGECAST
GB
whitelisted
2664
msedge.exe
216.58.212.170:443
fonts.googleapis.com
GOOGLE
US
whitelisted
2664
msedge.exe
142.250.186.34:443
pagead2.googlesyndication.com
GOOGLE
US
unknown
2664
msedge.exe
142.250.185.131:443
fonts.gstatic.com
GOOGLE
US
whitelisted

DNS requests

Domain
IP
Reputation
api.edgeoffer.microsoft.com
  • 94.245.104.56
whitelisted
config.edge.skype.com
  • 13.107.42.16
whitelisted
jp.appconner.com
  • 172.66.40.125
  • 172.66.43.131
unknown
edge.microsoft.com
  • 204.79.197.239
  • 13.107.21.239
whitelisted
ctldl.windowsupdate.com
  • 93.184.221.240
  • 173.222.108.226
  • 173.222.108.210
whitelisted
fonts.googleapis.com
  • 216.58.212.170
  • 142.250.181.234
  • 142.250.186.106
whitelisted
fonts.gstatic.com
  • 142.250.185.131
  • 172.217.23.99
whitelisted
pagead2.googlesyndication.com
  • 142.250.186.34
  • 142.250.186.162
whitelisted
adservice.google.com
  • 142.250.185.162
whitelisted
googleads.g.doubleclick.net
  • 142.250.181.226
  • 142.250.186.162
whitelisted

Threats

PID
Process
Class
Message
1412
svchost.exe
Misc activity
ET INFO Microsoft Connection Test
2664
msedge.exe
Not Suspicious Traffic
INFO [ANY.RUN] jQuery JavaScript Library Code Loaded (code.jquery .com)
2664
msedge.exe
Not Suspicious Traffic
INFO [ANY.RUN] Global content delivery network (unpkg .com)
No debug info